As buildings get smarter and increasingly connected to the Internet, they become a potential vector for attackers to target. IBM's X-Force ethical hacking team recently ran a penetration test against a group of office buildings using building automation systems that controlled sensors and thermostats. In this particular case, a building management company operated more than 20 buildings across the United States, as well as a central server. Without any social engineering, or online data gathering about employees, the team targeted one building. "We did it old-school, just probing the firewall, finding a couple of flaws in the firmware," said Chris Poulin, research strategist for IBM's X-Force. "Once we had access to that, we had access to the management system of one building."

There, they found a remote execution flaw that allowed them to execute commands and get into a password file that helped them get into the building management system and a configuration file that pointed to the management company's central server, the final objective.

There, the X-Force team hit the only major obstacle - even with the stolen login credentials and the configuration file pointing to the central server, they could not log in. "It did not allow us to connect via the Internet from our address space," Poulin said. The building's location was not particularly far, however, so they simply drove over to the building and set up shop in the parking lot. Now they used the access they had already gained to the building's network. "We connected to their wireless gateway and got an address that did allow us to connect to the central building management system," Poulin said. That, in turn, gave them access to all the buildings that this company managed.

They could have done some serious damage, he said. For example, the first building, in addition to housing offices, also had a data center. "We had access to the environment controls for the data center," Poulin said. "We could have actually turned the heat up, turned off the air conditioning, potentially taking down all the servers. If you put on your evil hat, there are lots of ways to do bad things."

In the case of this particular set of buildings, IBM worked with the equipment vendors to address the security issues the team found, and with the building automation company to fix the configuration errors.